#!/usr/bin/env python
# -*- coding=utf-8
# Jboss CVE-2017-12149 反序列化检测脚本
# usage: python3 CVE-2017-12149.py ip port
import requests
import sys

ip = sys.argv[1]
port = sys.argv[2]

url = 'http://{}:{}/invoker/JMXInvokerServlet'.format(ip, port)
headers = {"User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36"}
r = requests.get(
    url, headers=headers, timeout=10, allow_redirects=False)
if r.status_code == 200:
    if r.headers['content-type'].count('serialized') or r.headers['Content-Type'].count('serialized'):
        print('[ok] -> {}:{}'.format(ip, port))